<!DOCTYPE html>
<meta charset="utf-8">
<title>WebAuthn navigator.credentials.create() timeout Tests</title>
<meta name="timeout" content="long">
<link rel="author" title="Adam Powers" href="mailto:adam@fidoalliance.org">
<link rel="help" href="https://w3c.github.io/webauthn/#iface-credential">
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/resources/testdriver.js"></script>
<script src="/resources/testdriver-vendor.js"></script>
<script src=helpers.js></script>
<body></body>
<script>
"use strict";

// bad timeout values
// TODO: there is some debate as to whether MAX_UNSIGNED_LONG + 1 and / or -1 should be disallowed since they get converted to valid values internally
// new CreateCredentialsTest({path: "options.publicKey.timeout", value: -1}).runTest("Bad timeout: negative", TypeError);
// new CreateCredentialsTest({path: "options.publicKey.timeout", value: 4294967295 + 1}).runTest("Bad timeout: too big", TypeError);

// timeout test
promise_test(async t => {
    // if available, configure a mock authenticator that does not respond to user input
    try {
        let authenticator = await window.test_driver.add_virtual_authenticator({
            protocol: "ctap1/u2f",
            transport: "usb",
            isUserConsenting: false,
        });
      t.add_cleanup(() => window.test_driver.remove_virtual_authenticator(authenticator));
    } catch (error) {
        if (error !== "error: Action add_virtual_authenticator not implemented") {
            throw error;
        }
    }

    var args = {
        options: {
            publicKey: {
                // browsers may set an arbitrary minimum timeout and not respect this value
                timeout: 1
            }
        }
    };

    return promise_rejects_dom(t, "NotAllowedError", createCredential(args));
}, "ensure create credential times out");
// TODO: createCredential.timeout > 1s && setTimeout < 1s
// TODO: createCredential.timeout < 5s && setTimeout > 5s

/* JSHINT */
/* globals standardSetup, CreateCredentialsTest, createCredential, promise_test, promise_rejects_dom*/
</script>
